Re: [saag] PQC in ZRTP (RFC6189) and hybrid KEM

Jon Callas <joncallas@icloud.com> Tue, 23 November 2021 20:22 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/inZ8ABP8zJeyjcVSTTQzh_w24_Y>


> On Nov 23, 2021, at 11:22, Colin Perkins <csp@csperkins.org> wrote:
> 
> It was externally developed, but did get some reasonable amount of review in IETF, and was discussed in WG meetings on several occasions. 

Yeah, there was a lot of going back and forth on many things that were at least layer 9 issues. The result of that being that it's Informational.

> 
> If I remember correctly, this review didn’t change the core security mechanism, but did result in fixes to a number of issues around how ZRTP integrates with RTP and signalling.

That's what I (a co-author) remember as well.

Anyway, if someone wants to put PQC into ZRTP anyway, I think it's a great idea, and an Informational Track addendum, I'd be happy to help. Note, however, _help_. If I wanted to do the heavy lifting, I'd have done it, myself. Also, one of the main questions is whether this is still the right time to put it in. The NIST PQC work still seems to be aflutter with this and that.

	Jon